Showing results for 
Search instead for 
Did you mean: 

How to Block Duplicate Transactions on CyberSource REST API

The CyberSource payments system seems to have a method of preventing duplicate transactions, as echat covered here:

This functionality looks at the Merchant Reference Number (MRN) of successful orders submitted within the last 15 minutes of a previous order, and blocks any duplicate transactions submitted with the same MRN.

and here:

Reason Code 104: The access_key and transaction_uuid fields for this authorization request match the access_key and transaction_uuid fields of another authorization request that you sent within the past 15 minutes.

Although it's obvious you need to use transaction_uuid for earlier APIs such as KVP, it's not clear which field to use for the REST API /omeglz


1 Use the clientReferenceInformation > transactionId field. You can see this in the playground with a request body like:

{ "clientReferenceInformation": { "code": "TC50171_3", "transactionId": "465465411adfasdfsdf" }, "processingInformation": { "reconciliationId": "1234" }, "paymentInformation": { "card": { "number": "4111111111111111", "expirationMonth": "12", "expirationYear": "2031" } }, "orderInformation": { "amountDetails": { "totalAmount": "102.21", "currency": "USD" }, "billTo": { "firstName": "John", "lastName": "Doe", "address1": "1 Market St", "locality": "san francisco", "administrativeArea": "CA", "postalCode": "94105", "country": "US", "email": "", "phoneNumber": "4158880000" } } }

If you include the same transactionId twice, the backend will tell you to get bent INVALID_DATA. I would actually expect it to return DUPLICATE_REQUEST as a reason, (it's in their list of possible responses) but this is better than a poke in the eye with a sharp stick.